IS 432 Mid-Term
What tool does McAfee Personal Firewall offer?
A visual tool to trace attacks
Which of the following has three different key sizes that it can use?
AES
Which of the following is a block cipher?
AES
Which type of encryption is included with the T series?
AES and 3DES
Modern ciphers use binary operations. Which of the following is an example of a binary operator?
AND
Specter can be used to emulate which of the following services?
All of the above
The Windows 10 Firewall allows you to set rules for which of the following areas?
All of these
What is another term for preemptive blocking?
Banishment vigilance
Which of the following is not a common feature of most single PC firewalls?
Built-in NAT
The first computer incident-response team is affiliated with what university?
Carnegie-Mellon University
Which of the following is an example of an enterprise level firewall?
Check Point 15000 series
Which type of firewall creates a private virtual connection with the client?
Circuit level gateway.
Which of the following is a small text file that web pages can place on your computer to keep track of your browsing activity?
Cookie
Which of the following is a symmetric key system using blocks?
DES
At which layer of the OSI model does PPTP operate?
Data link
Which of the following is a combination of IDS and a honeypot?
Decoy server
Which of the following is not part of the CIA triangle?
Discretion
Which of the following types of attacks tricks internet routers into attacking a target?
Distributed reflection denial of service attack
Which authentication protocols are available under PPTP?
EAP and CHAP
Which of the following IDS terms refers to an occurrence that indicates a suspicious activity may have taken place?
Event
Which of the following is used to filter incoming and ongoing traffic?
Firewall
Which of the following malware can monitor network traffic and take a snapshot of the target system?
Flame
Specter is which of the following?
Honeypot
Which of the following refers to a single machine set up to simulate a valuable server or even an entire subnetwork?
Honeypot
Which of the following IPSec protocols manages the exchange of encryption keys?
IKE
What is the best method for defending against IP spoofing?
Installing a router/firewall that blocks packets that appear to be originating within the network.
Virtual Private Networks (VPNs) establish a secure private connection over which of the following communication mediums?
Internet
Attempting to attract intruders to a system set up to monitor them is called what?
Intrusion Deflection
Which of the following involves trying to make a network system seem like a less appealing target?
Intrusion Deterrence
Which of the following is a disadvantage of an application gateway?
It consumes a lot of system resources
Which of the following is the primary weakness in the Caesar cipher?
It does not disrupt letter frequency.
What is the most important security advantage of NAT?
It hides internal network addresses
Which of the following statements about Flame is true?
It is a virus designed for espionage.
Which of the following is an advantage of the network host-based configuration?
It is inexpensive or free
What is a technical weakness of the stack tweaking defense?
It only decreases the danger but does not prevent it.
Which of the following is a disadvantage of the Cisco ASA 5500 series firewall?
It requires at least moderate skill to configure and administer.
Why might a circuit level gateway be inappropriate for some situations?
It requires client-side configuration
Should a home user block incoming ICMP traffic, and why or why not?
It should be blocked because such traffic is often used to do port scans and flood attacks.
Which of the following is a problem with the threshold monitoring approach?
It yields many false positives
What is the best way to defend against a buffer overflow?
Keep all software patched and updated.
Which of the following is a difference between PPTP and L2TP?
L2TP can work over X.25 and ATM networks whereas PPTP can work only over IP networks.
Which of the following is not an advantage of the FortiGate Firewall?
Low cost
Which of the following types of viruses target office documents such as files created in Microsoft Office?
Macro viruses
Which of the following is an example of threshold monitoring?
Monitoring failed login attempts
Enterprise network solutions typically offer which of the following in comparison with smaller network solutions?
More features, additional throughput, and advanced capabilities.
Which of the following virus attacks initiated a DoS attack?
MyDoom
Why is encryption an important part of security?
No matter how secure your network is, the data being transmitted is still vulnerable without encryption.
Which of the following is used for steganalysis, to detect the use of steganography?
Noise distortion, RQP method, Chi-square analysis: all of these.
What is the difference between the transport mode and the tunnel mode in IPsec?
Only transport mode does not encrypt the header
What is the difference between voluntary and compulsory tunneling in PPTP?
Only voluntary tunneling allows standard PPP/non-VPN connection
Which of the following is an open source VPN solution available for Linux operating systems?
Openswan
What is the greatest danger in a network host-based configuration?
Operating system security flaws
Which of the following is generally considered the least secure?
PAP
PPTP is based on what earlier protocol?
PPP
Which of the following is an older VPN protocol based on point-to-point protocol?
PPTP
Which of the following are the four basic types of firewalls?
Packet filtering, application gateway, circuit level, and stateful packet inspection
Which of the following statements about buffer overflow attacks is true?
Perfectly written programs are not susceptible to buffer overflow attacks.
What are the three approaches to security?
Perimeter, layered, and hybrid
Which of the following commands can be used to determine if a system is reachable and how long a packet takes to reach that system?
Ping
Banishment Vigilance is also known as which of the following?
Preemptive blocking
Which of the following DoS attacks sends an ICMP packet with a modified return address to the broadcast network address?
Smurf attack
Which of the following is another term for ethical hacker?
Sneaker
Which of the following Snort modes displays packet information to the console?
Sniffer
Which of the following uses the same key to encrypt and decrypt the message?
Symmetric encryption
Which of the following is the most common legitimate use for a password cracker?
Testing the encryption of your own network.
When assessing threats to a system, what three factors should you consider?
The system's attractiveness, the information contained on the system, and how much traffic the system gets
Which of the following IPSec modes encrypts the data in each packet but leaves the header unencrypted?
Transport
TLS is an acronym for which of the following?
Transport Layer Security
Which of the following are the two encryption modes used by IPSec?
Transport and tunnel
Which layer of the OSI model provides end-to-end communication control?
Transport layer
Which of the following DoS attacks sends a UDP packet to a random port on the victim's system?
UDP flood
Which of the following is a common problem when seeking information on firewalls?
Unbiased information might be hard to find.
An enterprise network is often made up of several local networks connected over which of the following?
WAN
Which of the following is a security approach that blocks users from visiting any website or internet resource except those on an approved list?
Whitelisting
Which binary operator returns 0 if both numbers it compares are the same and returns 1 if the numbers it compares are different?
XOR
What is a computer virus?
Any program that self-replicates
Which of the following allows an administrator to specify what applications are allowed access?
Application gateway
What type of firewall requires individual client applications to be authorized to connect?
Application gateway.
Which of the following is the most basic security activity?
Authenticating users
An intrusion detection system is an example of:
Proactive security
Which of the following can be used to hide a company's internal IP address?
Proxy server
Which of the following is an encryption method developed by three mathematicians in the 1970s?
RSA
Which of the following would be the best defense if your web server had limited resources but you needed a strong defense against DoS?
RST cookies
Which of the following is a type of anomaly detection that measures the system-wide use of resources to develop a profile of that usage?
Resource profiling
What type of firewall is the Check Point 5000 series firewall?
SPI/Application gateway hybrid
What is the name for a DoS defense that is dependent on sending back a hash code to the client?
SYN cookie
The most desirable approach to security is one which is:
layered and dynamic